"SSL-based VPNs were designed to eliminate the need for complex
configurations on the user's PC. Unfortunately, that was before the
dangers of public WiFi networks and tougher regulatory requirements
came into being. Thanks to WiFi, many attacks that were difficult
are now quite simple. In particular, a man-in-the-middle attack can
intercept SSL-encrypted traffic, rendering SSL-based VPNs useless -
even if it's protected by a typical one-time password system. The
man-in-the-middle can easily feed the one-time password into the
SSL-based VPN within the alloted time.
"In order to thwart this attack, mutual authentication is
required. Mutual authentication means that the user is validated to
the site and the site is validated to the user..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.